With more and more people moving their businesses online, cyber security is very important.
Although it’s impossible to protect against every eventuality, here are a few safeguards that can be implemented.
ALWAYS
- Review beneficiary details of payment before you approve transactions, especially those with new or changed information
- Check account activity on a regular basis for any suspicious transactions
- Set up customized automatic accounts alerts to know when certain activities take place
- Set payment limits at account and employee levels based on payment trends and history
- Verify whom you’re communicating with and know what information can be shared
- Stop any online session that makes you uncomfortable
- Avoid email usage for confidential or sensitive information
- Create and update strong passwords (We recommend LastPass for this!)
- Log off inactive devices and lock your workstation when you’re away
- Minimize personal web-surfing on your business devices
- Use protected Wi-Fi networks that you trust
- Make sure your systems are protected by current and effective anti-virus software
NEVER
- Respond to payment instructions received by email or phone without first validating the instructions by telephone or in person
- Open an email, click a link in an email or open an email attachment without first validating the source
- Share confidential information, including log-in credentials and account numbers
- Respond to pop-ups or unsolicited phone calls asking you to re-submit your log-in information or that of another user
- Allow co-workers to log-in to your machine or use your log-in credentials
- Send work information to personal email accounts
- Enter personal information in an email or text message
- Describe your job on personal social media accounts
CYBER SECURITY & CYBER FRAUD: TIPS TO HELP PROTECT YOUR ASSETS
Small businesses can reduce the risk of losses due to cyber fraud by understanding these most common methods cyber criminals use:
SOCIAL ENGINEERING
Interactions with a cybercriminal such as a phone call, email or conversation that trick a user into sharing sensitive information.
PHISHING
A cybercriminal contacts a user by email or phone and obtains the user’s security credentials, permitting the cybercriminal to act on behalf of the user.